September 13, 2016

SAML2 Assertion Query Request / Response Messages - part 3

The AuthzDecision Query is used to determine whether certain actions on certain resources are allowed for a particular subject. The request message presents Evidence, such as an AssertionIDRef or an Assertion, to verify the subject.

AuthzDecision Query Request Message


AuthzDecision Query Response Message


Customized Error Response Message

The IDP must return a Response message for each and every request it receives from the SP. The IDP can report errors in the request message or failures of the server itself.
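The rule above, sketched as an added example (not code from the original post or from any particular IDP): every query gets a samlp:Response, and validation failures are carried in samlp:Status instead of being dropped. The entity IDs, the subject, the function names and the mapping of each error to a SAML 2.0 status code are assumptions made for illustration.

```python
import uuid
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
STATUS = "urn:oasis:names:tc:SAML:2.0:status:"
IDP_ENTITY_ID = "https://idp.example.test"      # constructed value
TRUSTED_ISSUERS = {"https://sp.example.test"}   # constructed value
KNOWN_SUBJECTS = {"alice@example.test"}         # constructed value
for prefix, uri in (("samlp", SAMLP), ("saml", SAML)):
    ET.register_namespace(prefix, uri)          # keep the usual prefixes in output

def sample_query(version="2.0", issuer="https://sp.example.test", subject="alice@example.test"):
    """Constructed AttributeQuery used as sample input."""
    return (f'<samlp:AttributeQuery xmlns:samlp="{SAMLP}" xmlns:saml="{SAML}" ID="_q1" '
            f'Version="{version}" IssueInstant="2016-09-13T00:00:00Z"><saml:Issuer>{issuer}</saml:Issuer>'
            f'<saml:Subject><saml:NameID>{subject}</saml:NameID></saml:Subject></samlp:AttributeQuery>')

def validate_query(req):
    """Return (top-level status, second-level status, message) for a parsed query."""
    if req.get("Version") != "2.0":
        return "VersionMismatch", None, "Invalid SAML version"
    if req.findtext(f"{{{SAML}}}Issuer", "").strip() not in TRUSTED_ISSUERS:
        return "Requester", "RequestDenied", "Invalid issuer"
    if req.findtext(f"{{{SAML}}}Subject/{{{SAML}}}NameID", "").strip() not in KNOWN_SUBJECTS:
        return "Requester", "UnknownPrincipal", "Invalid subject"
    return "Success", None, None

def build_response(request_xml):
    """Answer every request with a samlp:Response; errors go into samlp:Status."""
    req, top, sub, message = None, "Requester", None, "Malformed request"
    if "<!DOCTYPE" not in request_xml:  # SAML needs no DTD, so never parse one
        try:
            req = ET.fromstring(request_xml)
            top, sub, message = validate_query(req)
        except ET.ParseError:
            pass  # keep the "Malformed request" status set above
    now = datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
    resp = ET.Element(f"{{{SAMLP}}}Response", ID="_" + uuid.uuid4().hex, Version="2.0", IssueInstant=now)
    if req is not None and req.get("ID"):
        resp.set("InResponseTo", req.get("ID"))  # lets the SP correlate the error
    ET.SubElement(resp, f"{{{SAML}}}Issuer").text = IDP_ENTITY_ID
    status = ET.SubElement(resp, f"{{{SAMLP}}}Status")
    code = ET.SubElement(status, f"{{{SAMLP}}}StatusCode", Value=STATUS + top)
    if sub:
        ET.SubElement(code, f"{{{SAMLP}}}StatusCode", Value=STATUS + sub)
    if message:
        ET.SubElement(status, f"{{{SAMLP}}}StatusMessage").text = message
    return ET.tostring(resp, encoding="unicode")
```

A deployed IDP would also verify the request signature before trusting the Issuer value and would parse with a hardened XML library such as defusedxml; both are left out here to keep the status handling visible.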

Invalid Issuer Error Response 


Invalid SAML Version Error Response 


Invalid Subject Error Response 


Invalid SessionIndex or Auth-Context Error Response 


SAML2 Assertion Query Request / Response Messages - part 2


The AuthnQuery Request message is used to check for Assertions that match a given Subject and authentication statements such as SessionIndex or Auth-context.

AuthnQuery-SessionIndex Request Message


AuthnQuery-SessionIndex Response Message


AuthnQuery-AuthContext Request Message


AuthnQuery-AuthContext Response Message


SAML2 Assertion Query Request / Response Messages - part 1


Service Providers can query dynamic or existing assertions from an Identity Provider by following the SAML2 specification and using its standard request messages. The Identity Provider needs to issue a Response message for each request. If the request message contains errors, the IDP should add an error status and message to the Response message. The Response message may contain one or more assertions, or no assertion at all.

Attribute Query Request Message


Attribute Query Response Message


AssertionIDRequest Request Message


AssertionIDRequest Response Message